OpenChain Export Control Work Group – 2022-11-22 – Full Recording


 

For a sharable version of this content check this link:
https://www.openchainproject.org/news/2022/11/23/export-control-1-recording

The first meeting of the OpenChain Export Control Work Group took place on the 22nd of November 2022. This meeting focused on setting the parameters for future discussion.

In our open discussion, we explored topics firstly by framing the challenges, and then by discussing the types of resources available to support individual organization understanding and workflow.During this discussion we explored a series of links based on audience contribution.
https://www.youtube.com/watch?v=039KCz16_Os

For example, the US export control overview:
https://www.trade.gov/us-export-controls

The US Encryption and Export Administration Regulations (EAR):
https://www.bis.doc.gov/index.php/policy-guidance/encryption

The type of definitions used:
https://www.bis.doc.gov/index.php/documents/new-encryption/1652-cat-5-part-2-quick-reference-guide/file

The American Conference Institute overview of US EAR encryption controls:
https://www.americanconference.com/ear-boot-camp-821l16-chi/wp-content/uploads/sites/932/2016/08/Day1_4.45_Sorrentino.Crooks.Hansson.pdf

Exclusions to US cryptographic export control related to financial services:
https://www.bis.doc.gov/index.php/policy-guidance/encryption/2-items-in-cat-5-part-2/a-5a002-a-and-5d002-c-1/v-decontrol-notes

A recent article regarding open source and export control:
https://academic.oup.com/book/44727/chapter/378967490

An old but potentially useful (especially if refreshed) list of export controls by country:
http://www.cryptolaw.org

An example of cryptography detected by the tool SCANOSS Minr:
https://github.com/scanoss/cryptographic_algorithms

We have decided to reach out to experts to see if there are other resources available that may be useful.

Two future resources flagged as useful are:
• A list of tools to help detect cryptographic algorithms in open source.
• A document listing what encryption is strong and what is standard.

Our outcome was to search for resources like this, and also to check the type of parameters that our work group could continue the discussion while ensuring everyone is comfortable and no suggestion of organizational advice or recommendations could be misunderstood as existing.

We have decided to have our second call in around one month, just before Christmas, and a calendar invitation is attached.

== Formal Invite ==

The OpenChain Export Control Work Group will hold its second meeting on the 13th of December at 09:00 PST (17:00 UTC).

This meeting will have the following agenda:

(1) Introductions
(2) Open discussion about how our community can contribute to the field

Zoom meeting:
https://zoom.us/j/93456802267

Join main@lists.openchainproject.org to automatically receive all group messages.